Capitalizing on the potential of open software

Ken Melero is vice president of the intelligence community for Elastic. He brings over two decades of industry experience in data management, open source and geospatial intelligence.

Mike Barretta is the senior manager of solution architecture for the US public sector at Elastic. He brings over two decades of industry experience in software development, data science, system administration and technical consulting.

Open software has long been recognized by federal civilian, defense and intelligence agencies for providing lower starting costs, faster development processes and community-driven support compared to proprietary software. But agencies often fail to capitalize on the full potential of open software.

One way they can realize greater value, save time and money, and deliver mission objectives faster is by asking a couple of critical questions: Is there a company affiliated with this software? And do they provide features or support that would help our efforts and reduce risk?

By answering these critical questions, mission leaders can make more informed decisions, improve operational capabilities, and ultimately reduce wasted spending.

A common scenario at many agencies occurs when users or developers download and adopt a free tool without taking the time to understand its origin or the additional features available with a license. As a result, agencies typically end up using as little as ten percent of the software’s full potential.

Build vs. Buy

Another key consideration relates to the “build versus buy” dilemma. Open products provide developers tremendous flexibility but usually require additional customization. This is a good thing: open software products are meant to be adapted to fit users’ specific needs, and that is one reason they are so important. All too often, however, developers opt to re-build existing features and solutions instead of considering licensed solutions already available in the product. These customizations can be brittle, poorly supported, and tightly coupled to a specific version of the product as compared to the features built by product engineers. The unfortunate outcome is a system unable to take advantage of the new features, optimizations, and security patches present in newer versions without substantial redevelopment costs. For instance, Elastic consistently rolls out new features and functions every six to eight weeks, ensuring the software remains cutting-edge and an effective fit for evolving missions. This is a challenging pace to match.

The advantages of partnering with open software companies

Working directly with open software companies like Elastic and engaging with their community offers several advantages. Agencies can tap into the expertise of those responsible for the software’s development, ensuring timely updates and influence on new features. Moreover, direct engagement streamlines the integration process, allowing mission leaders to maximize the benefits of open software while minimizing associated costs and time constraints. Additionally, as regular updates can be swiftly implemented, so is the process of safeguarding systems against emerging threats.

Commercially supported open software significantly reduces supply chain risks. Modern and secure development practices, audited release artifacts, and legal liability help open software companies to ensure the products they release are as free from vulnerabilities as any closed software product. Further, since the source code is available to the world, commercially supported open software is often more secure than closed since there are a great number of eyes looking for and reporting vulnerabilities. At Elastic, we have a bug bounty program through HackerOne that pays researchers, hackers, and others to find what we might miss. This proactive approach not only encourages the identification of security flaws but also shows a commitment to continuous security improvement.

The benefits of open software are increasingly evident as public sector and mission leaders face challenges in managing the volume of data they collect. According to new research, 45% of public sector organizations need help managing data volume. In addition, 31% of public sector leaders say they’re not utilizing data optimally across departments because data sits in siloed databases, or teams lack a single source of data truth for collaboration, analytics and data sharing.

Elastic is a prominent example of an open software company making a significant impact in the intelligence community. IC agencies can enhance mission delivery and citizen services by using Elastic to search massive amounts of data and derive insights. Through its innovative solutions, IC agencies can enhance mission delivery and improve citizen services by harnessing Elastic’s capabilities to search and extract insights.

Empowering the intelligence community with an open ecosystem of technologies

We believe that building a robust community requires collaboration, resource sharing, and sharing expertise. This collaboration leads to more effective use of software and tools. We also promote an open ecosystem, encouraging users to freely adopt and integrate their tools. As a company, we are agnostic about how their tools are used and support users’ freedom to experiment with different approaches.

Openness also extends to sharing. We encourage open standards as they enable sharing, reuse, and the easy adoption of best practices by others. We are active contributors to other open software projects, recently donating our data schema, ECS, to OpenTelemetry, a member of the Cloud Native Computing Foundation (CNCF) with a widely used set of open standards and tools for Observability.  Furthermore, these efforts benefit customers by fostering a collaborative environment and ensuring seamless integration into existing systems.

Decision-making is also a collaborative, data-driven activity as described in the IC data strategy. The new strategy presents four areas that agencies can act on over the next few years, including data interoperability: a core feature of open software like Elastic. As highlighted in a recent blog post, Elastic gives agencies the freedom to share code and architecture with other projects and systems when needed. Unlike the walled gardens of some closed systems, data is stored in non-proprietary formats, meaning both data and analytic methods are transferable within an enterprise architecture or to cross-agency initiatives. 

Elastic is a firm believer in the power of open software to power and grow our national security advantage.

 Learn more about how Elastic can help enhance mission delivery with open source.